A Cisco FTD engineer is creating a new IKEv2 policy called s2s00123456789 for their organization to allow for additional protocols to terminate network devices with. They currently only have one policy established and need the new policy to be a backup in case some devices cannot support the stronger algorithms listed in the primary policy.What should be done in order to support this?
Answer(s): B
All IKE policies on the device are sent to the remote peer regardless of what is in the selected policy section.The first IKE Policy matched by the remote peer will be selected for the VPN connection. Choose which policy is sent first using the priority field. Priority 1 will be sent first.
https://www.cisco.com/c/en/us/support/docs/security-vpn/ipsec-negotiation-ike- protocols/215470- site-to-site-vpn-configuration-on-ftd-ma.html
Which type of encryption uses a public key and private key?
Answer(s): A
What are two features of NetFlow flow monitoring? (Choose two)
Answer(s): A,E
The following are restrictions for Flexible NetFlow:+ Traditional NetFlow (TNF) accounting is not supported. + Flexible NetFlow v5 export format is not supported, only NetFlow v9 export format is supported. + Both ingress and egress NetFlow accounting is supported. + Microflow policing feature shares the NetFlow hardware resource with FNF. + Only one flow monitor per interface and per direction is supported.
https://www.cisco.com/en/US/docs/switches/lan/catalyst3850/software/release/3se/ consolidated_guide/b_consolidated_3850_3se_cg_chapter_011010.html When configuring NetFlow, follow these guidelines and restrictions:+ Except in PFC3A mode, NetFlow supports bridged IP traffic. PFC3A mode does not support NetFlow bridgedIP traffic.+ NetFlow supports multicast IP traffic.https://www.cisco.com/en/US/docs/general/Test/dwerblo/broken_guide/netflow.html The Flexible NetFlow MPLS Egress NetFlow feature allows you to capture IP flow information for packets that arrive on a router as Multiprotocol Label Switching (MPLS) packets and are transmitted as IP packets.This feature allows you to capture the MPLS VPN IP flows that are traveling through the service provider backbone from one site of a VPN to another site of the same VPN https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/netflow/configuration/15-mt/nf-15- mt-book/cfgmpls-netflow.html
A customer has various external HTTP resources available including Intranet Extranet and Internet, with a proxy configuration running in explicit mode.Which method allows the client desktop browsers to be configured to select when to connect direct or when to use the proxy?
Answer(s): C
A Proxy Auto-Configuration (PAC) file is a JavaScript function definition that determines whether web browser requests (HTTP, HTTPS, and FTP) go direct to the destination or are forwarded to a web proxy server. PAC files are used to support explicit proxy deployments in which client browsers are explicitly configured to send traffic to the web proxy. The big advantage of PAC files is that they are usually relatively easy to create and maintain.
Post your Comments and Discuss Cisco® 350-701 exam with other Community members:
David A commented on January 16, 2024 Good Colombia Anonymous upvote
Kim commented on May 25, 2023 I just purchased and downloaded my files. Everything looks good so far. UNITED STATES upvote
Our website is free, but we have to fight against bots and content theft. We're sorry for the inconvenience caused by these security measures. You can access the rest of the 350-701 content, but please register or login to continue.